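# Rate Limiting Configuration for Flask Backend

# Add this to requirements.txt
# flask-limiter
# redis  # Optional: for distributed rate limiting

"""
Rate limiting implementation - add to app.py

Creates one Flask-Limiter instance for the application, sets default limits
for every route, and attaches tighter per-route limits to the endpoints that
are costly (outbound API calls, file uploads).
"""

# At the top of app.py, add
import os

from flask_limiter import Limiter
from flask_limiter.util import get_remote_address

# After creating app, add
limiter = Limiter(
    app=app,
    # Buckets are keyed on request.remote_addr. Behind a reverse proxy or
    # load balancer that value is the proxy's address, so every client shares
    # one bucket. Fix that at the WSGI layer (e.g. werkzeug's ProxyFix set to
    # the exact number of trusted proxies) rather than reading
    # X-Forwarded-For here: that header is client-supplied, and trusting it
    # unconditionally lets a caller choose its own bucket.
    key_func=get_remote_address,
    # Applied to routes that carry no explicit @limiter.limit decorator.
    default_limits=["200 per day", "50 per hour"],
    # memory:// keeps counters inside each process: with N workers a client
    # effectively gets N times the limit, and counters reset on restart.
    # Set RATELIMIT_STORAGE_URI to a redis:// URI for production with
    # multiple workers; the default keeps the original single-process setup.
    storage_uri=os.environ.get("RATELIMIT_STORAGE_URI", "memory://"),
)

# Apply rate limiting to specific endpoints.
# @app.route stays outermost so that the view Flask registers is the one
# already wrapped by @limiter.limit; with the order reversed the limit is
# not enforced.


@app.route('/api/profiles', methods=['GET', 'POST'])
@limiter.limit("100 per hour")  # GET and POST draw from the same bucket
def profiles():
    # ... existing code ...
    pass


@app.route('/api/songs', methods=['GET', 'POST'])
@limiter.limit("100 per hour")  # GET and POST draw from the same bucket
def songs():
    # ... existing code ...
    pass


@app.route('/api/search_external')
@limiter.limit("30 per hour")  # More restrictive for external API calls
def search_external():
    # ... existing code ...
    pass


@app.route('/api/upload_lyric', methods=['POST'])
# File uploads should be rate limited. The limit counts requests, not bytes:
# bound the upload size separately (Flask's MAX_CONTENT_LENGTH).
@limiter.limit("10 per hour")
def upload_lyric():
    # ... existing code ...
    pass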